PT-2025-30310 · Drupal · Drupal Block Attributes
Greg Knaddison
+4
·
Publicado
2025-07-21
·
Atualizado
2025-08-26
·
CVE-2025-7715
CVSS v3.1
6.1
Média
| Vetor | AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
Drupal Block Attributes versions 0.0.0 through 1.0.9
Drupal Block Attributes versions 2.0.0 through 2.0.0
Description
A flaw exists in Drupal Block Attributes that allows for Cross-Site Scripting (XSS). This issue is due to improper neutralization of input during web page generation.
Recommendations
Update Drupal Block Attributes to version 1.1.0 or later.
Update Drupal Block Attributes to version 2.0.1 or later.
Correção
XSS
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Drupal Block Attributes